mirror of https://github.com/BookStackApp/BookStack.git synced 2025-07-31 15:24:31 +03:00

OIDC: Added PKCE functionality

Related to #4734.
Uses core logic from League AbstractProvider.
Dan Brown
2024-01-25 14:24:46 +00:00
parent 5903823eed
commit 3e9e196cda
2 changed files with 23 additions and 20 deletions


@ -33,6 +33,8 @@ class OidcService
/**
* Initiate an authorization flow.
* Provides back an authorize redirect URL, in addition to other
* details which may be required for the auth flow.
*
* @throws OidcException
*
@ -42,8 +44,12 @@ class OidcService
{
$settings = $this->getProviderSettings();
$provider = $this->getProvider($settings);
$url = $provider->getAuthorizationUrl();
session()->put('oidc_pkce_code', $provider->getPkceCode() ?? '');
return [
'url' => $provider->getAuthorizationUrl(),
'url' => $url,
'state' => $provider->getState(),
];
}
@ -63,6 +69,10 @@ class OidcService
$settings = $this->getProviderSettings();
$provider = $this->getProvider($settings);
// Set PKCE code flashed at login
$pkceCode = session()->pull('oidc_pkce_code', '');
$provider->setPkceCode($pkceCode);
// Try to exchange authorization code for access token
$accessToken = $provider->getAccessToken('authorization_code', [
'code' => $authorizationCode,
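Review bot: In the last hunk the callback pulls `oidc_pkce_code` with a default of `''` and passes it to `setPkceCode()` unchecked, so a missing or expired session entry looks the same as a flow that never used PKCE. If the provider always sends a challenge (not visible in this file), it would be safer to fail closed before the token request, e.g. `if ($pkceCode === '') { throw new OidcException('Missing PKCE verifier for OIDC callback'); }`, rather than rely on the identity provider to reject the exchange. The inline comment also says the code was "flashed", but the login hunk stores it with `session()->put()`; `// Set PKCE code stored in the session at login` would match what the code does. The enclosing method starts and ends outside the hunk.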